GDPR: Developing Your Compliance Program (via The Protiviti View)
http://www.tim-maloney.com/?p=2362
Tue, 19 Sep 2017 14:00:00 +0000

The European Union’s General Data Protection Regulations (GDPR) have been in the news a lot over the last couple of months with a deadline looming just 8 months out. But a survey of recent Protiviti webinar participants found that only 36% had begun their GDPR compliance projects.

Knowing where to begin with your compliance effort is critical, as is involving the right stakeholders within the organization. If you’re looking to kick-start your organization’s GDPR compliance efforts, check out the recent post on The Protiviti View blog where Protiviti’s Jeff Sanchez and Robert Half Legal’s Scott Giordano provide some insights on how to get started.

Email Reply (via XKCD)
http://www.tim-maloney.com/?p=2270
Fri, 15 Sep 2017 14:00:00 +0000

We’ve all been there. You find that email that you’ve been putting off replying to only to realize that it’s been a lot longer than you thought since you received it. I wish I had the guts to reply as honestly as this XKCD comic suggests.

What do you do when you find an email that has been waiting for a response for a long time?

A few weeks ago, Wikileaks released another slew of hacking tools from the CIA. This batch outlined an interesting tool codenamed ExpressLane that was used to determine if agencies that were sharing biometric data with the CIA were withholding information from the CIA. The Hacker News has a breakdown of the process and how it was used, but it is a fascinating look into how distrustful the CIA is of “partner” agencies (both in and outside of the US). It also highlights why physical security still plays a key role in protecting information assets.

Dev-Oops: Why DevOps efforts fail (via SDTimes)
http://www.tim-maloney.com/?p=2347
Mon, 11 Sep 2017 14:00:00 +0000

DevOps is one of the hottest buzzwords in the industry today. The approach is “a software development and delivery process that emphasizes communication and collaboration between product management, software development, and operations professionals.” Lots of organizations have started their adoption of the framework but haven’t seen the successes that have been touted by “true believers.” This article from the Software Development Times highlights some reasons why and is worth the read if your organization is working down the DevOps path.

We’ve all read about the experts: the artists, the scientists, the engineers—that special group of people known as Imagineers for The Walt Disney Company. But who are they? How did they join the team? What is it like to spend a day in their shoes? Disney Legend Marty Sklar wants to give back to fans and answer these burning questions. When Marty was president of Walt Disney Imagineering, he created a list of principles and ideals for the team, aptly named Mickey’s Ten Commandments. Using this code of standards as his organizational flow, Marty provides readers with insights and advice from himself and dozens of hands-on Imagineers from around the globe. It’s a true insider’s look like no other!

Why I’m Recommending It:

One Little Spark is really two books about Walt Disney Imagineering, the division of The Walt Disney Company that is responsible for creating the immersive experiences within their theme parks. The first half of the book discusses “Mickey’s Ten Commandments,” the ten rules created by the book’s author Marty Sklar, former Chief Creative Officer for Imagineering. These rules, which you can see below, should guide every Imagineering project and are discussed in detail along with examples of how Imagineering successfully and unsuccessfully applied them.

Mickey’s Ten Commandments

1. Know your audience.
2. Wear your Guest’s shoes.
3. Organize the flow of people and ideas.
4. Create a wienie (visual magnet).
5. Communicate with visual literacy.
6. Avoid overload – create turn-ons.
7. Tell one story at a time.
8. Avoid contradictions – maintain identity.
9. For every ounce of treatment, provide a ton of treat.
10. Keep it up! (maintain it).

The second half of the book is advice from current and former Imagineers on skills that people should develop if they are interested in potentially getting a job at Imagineering. While I think the advice they give is helpful for any job seeker, I found the first half of the book much more engaging and practical even outside of the Imagineering organization.

My Take-aways:

I love the idea behind Mickey’s Ten Commandments (I even plan on repurposing some of them for use on my own projects). They act as a great reminder that we are all communicators and need to think about our work with the end in mind. I recommend the book to anyone who has to be persuasive in their job.

Read an Excerpt and Learn More:

When I’m helping companies evaluate risk, I’m often asked to “define” what certain risk levels (i.e. High/Medium/Low or Probable/Improbable) mean. It’s often a challenge to define what these levels mean since risk is by definition the exposure to uncertainty, a nebulous concept. LifeHacker recently published an article summarizing a research project that has been trying to evaluate what people mean when they say that something is “highly probable” or “Doubtful.” The research is still in the early stages, but I’m intrigued by the consistency of the results so far and I’m already thinking about ways I might incorporate these results into my risk assessment process.

What do you think about this research? Have you been successful in defining risk levels at your organization?